Spear phishing...No, you got it wrong. It’s not a sport or a game...it is a scam and you are the target fish. You must be aware of the phishing attacks in which emails or advertisements are created and sent by the cyber criminals to fool and trick the computer user to acquire sensitive information about them. Users get tricked by these eye-candy emails and pass their username and passwords on these websites resulting in loss of sensitive information to the malicious programmers.
Spear Phishing is a more targeted version of this attack. Instead of sending mails to many million people, cyber criminals targets individual or business. In this type of attack, an email is arrived to a computer user with credentials of an individual that you know.
How It Works-
The cyber criminals research on their targeted individual on social networking websites like LinkedIN, Facebook and Myspace. Based on this research, the criminals create an email from a close relative of the target victim. This emails seems to be relevant to the victim and he clicks on it.
The email can be used to fool or trick the victim in two ways
- By fake websites
These types of emails comes with a link. This link, when opened redirects the user to a bogus website. The website demands the victim to enter the information such as bank details or sensitive information. This acquired information is passed to the cyber criminal.
- By email attachments
The emails can come with attachment files. When executed, these infected files can cause destruction to your computer system and can steal relevant information from your computer.
How to protect yourself?
Here are some of the ways by which you can protect yourself from Spear Phishing-
- Protecting your Social networking accounts
- Limit the information you post about yourself.
- Don’t add friends in your list whom you don’t know personally.
- Social networking sites have privacy settings. Adjust it to safeguard your personal details.
- Do not open suspicious emails
- Check those emails with email scanner that appear suspicious to you.
- Don't open ‘.exe’ or executable email attachments.
- Use security software
- Do use an internet security solution for your computer system.
- Do update your Antivirus system database daily.
- Be smart
- If a friend or relatives asks you for sensitive information on the internet. Verify him.
- Do not open emails with eye-candy deals and advertisements.